Summary: A critical vulnerability (CVE-2025-1851) has been identified in Tenda AC7 routers that could allow attackers to gain root access through a stack-based buffer overflow. This flaw has a CVSS score of 8.7 and affects firmware versions up to 15.03.06.44, with a proof of concept exploit available online. Users are urged to update their firmware immediately or disable remote access to mitigate potential risks.
Affected: Tenda AC7 routers
Keypoints :
- High-severity vulnerability (CVE-2025-1851) allows potential root access.
- Exploitation requires authentication but could lead to a denial of service or persistent root shell.
- Over 14,000 potentially exposed Tenda router interfaces have been identified online.
- Users should update firmware promptly or disable remote access to the web interface.
Source: https://securityonline.info/cve-2025-1851-tenda-ac7-routers-at-risk-of-root-compromise-poc-released/
Views: 16